INFORMATICA E CYBER SECURITY
(objectives)
The course aims to provide a solid knowledge of the basic concepts of cybersecurity and information security from a legal and regulatory point of view, with an integrated approach that reflects the cross-cutting and interdisciplinary nature of the subject. In terms of knowledge and understanding, including applied knowledge, the course will give students the tools to understand and analyse cyber threats in the light of the relevant international standards and sector regulations. In terms of autonomy of judgement, the course aims to develop the ability to make informed and independent assessments of events in the field of cybersecurity, relating them to the basic computer knowledge provided, to the technical regulations of the sector, and to the current legislative framework on the protection of critical infrastructures and the repression of cybercrime. Regarding communication skills and learning ability, a specific objective of the course is to provide the correct vocabulary for discussing cybersecurity, as well as the ability to recall and deepen this knowledge in the future.
Code: 18425
Language: ITA
Type of certificate: Profit certificate
Credits: 4
Scientific Disciplinary Sector Code: INF/01
Contact Hours: 24
Type of Activity: Related or supplementary learning activities
Group: 1
Teacher: ORLANDI VALERIO
(syllabus)
TEACHING PROGRAMME: "Computer Science and Cybersecurity" course, Bachelor of Science in Political Science and International Relations at the Army Non-Commissioned Officers School, University of Tuscia
Courses A and B
1) Introductory lecture on course contents
   a. Network risks
   b. Overview of recent attacks and CLUSIT 2020 report
   c. Cyberspace and cybersecurity
   d. Frequently asked questions and answers on cybersecurity
   e. The birth of the term hacker and its evolution to the present day
2) Introduction to cybersecurity
   a. The evolution of the Internet: from the Arpanet to the WWW
   b. Notes on graph theory
   c. Some technical notions about networks
   d. Private databases and the related right of access of the data owner
   e. Public databases and limitations to the right of access
   f. Functions and differences between criminal records, pending charges and inter-force data processing centre
3) Cybercrime 1
   a. Introduction to the elements of criminal relevance of hacking
   b. Cybercrime: the main computer crimes
      - art. 615 ter - Unauthorised access to a computer or telematic system
      - art. 635 ter - Damage to computer information, data and programmes used by the State or other public body or in any case of public utility
      - art. 640 ter - Computer fraud
   c. Analysis of court cases
4) Cybercrime 2
   a. Article 612 ter of the Criminal Code: Illegal dissemination of sexually explicit images or videos
   b. Article 615 bis of the Criminal Code: Illegal interference in private life
   c. Article 615c of the Criminal Code: Unauthorised possession and dissemination of access codes to computer or telematic systems
   d. Article 615 quinquies of the Criminal Code: Dissemination of equipment, devices or computer programmes intended to damage or interrupt a computer or telecommunications system
   e. Article 617 quater of the Criminal Code: Illegal interception, obstruction or interruption of computer or telematic communications
   f. Article 617 quinquies of the Criminal Code: Installation of equipment designed to intercept, impede or interrupt computer or telematic communications
   g. Analysis of legal cases
5) Hackers, malware and targets
   a. What is malware
   b. Vulnerabilities and phases of a cyber attack
   c. Main types of malicious software
   d. Profiling hackers: types of attackers and motivations
   e. Attacker objectives
6) The protection of personal data
   a. The General Data Protection Regulation 2016/679 (GDPR)
7) The security of information and personal data
   a. Distinction between Cybersecurity and Information security
   b. The data life cycle
   c. C.I.A.: Confidentiality, Integrity and Availability
   d. Security as a process: the ISO 27000 standards
   e. Risk analysis and risk treatment between ISO 27001 and GDPR
8) The repression of computer crimes
   a. Postal police
   b. GDF - Special Unit for the Protection of Privacy and Technological Fraud (NSTPFT)
   c. Carabinieri: Computer Technology Department Telematics Section at Ra. Cis and Telematics Security Center at the General Headquarters
   d. Presidency of the Council of Ministers - DIS - Italian Institute of Cybersecurity
   e. COPASIR
9) Processing of personal data for police purposes
   a. Directive (EU) 2016/680
   b. The Legislative Decree of 18 May 2018 no. 51
10) Introduction to Digital Forensics 1
   a. The activity of the Judicial Police
   b. The role of the consultant of the Prosecutor
   c. The figure of the expert
   d. Digital Forensics
11) Introduction to Digital Forensics 2
   a. The use of software for the reconstruction of deleted data on digital devices
   b. The most famous hacker attacks: modalities, objectives, consequences
   c. The dark web
12) Regulatory framework on cyber security pt. 1
   a. The protection of critical national infrastructure
   b. The NIS Directive and legislative decree no. 65 of 18 May 2018
   c. The decree on Telco
13) Regulatory framework on cyber security pt. 2
   a. The national cybersecurity perimeter: the Decree-Law No. 105 of 21 September 2019 and the DPCM No. 131 of 30 July 2020
   b. The Information System for the Security of the Republic in the context of cybersecurity
14) Cybersecurity in the international context
   a. Danger of cyberwar?
   b. NATO and the CCDCOE
   c. The Tallinn Manual and the Shanghai Cooperation Organisation
15) The most famous hacker attacks
   a. Modalities of the most famous hacker attacks
   b. Goals set and goals achieved
   c. Direct consequences
16) Final lecture for a general review of the topics covered and preparation for the final examination
(reference books)
A. Contaldo, F. Peluso, Cybersecurity. La nuova disciplina italiana ed europea alla luce della direttiva NIS, Pacini, 2018;
A. Marengo, A. Pagano (eds.), Informatica di base. Con aggiornamento online, McGraw-Hill Education, 2016.
Dates of beginning and end of teaching activities: From to
Delivery mode: Traditional
Attendance: not mandatory
Evaluation methods: Written test
Group: 2
Teacher: Serini Federico
(syllabus)
The course aims to provide students with an overview of the risks associated with progressive digitisation, especially following recent cyber-attacks. Particular attention will be paid to the following topics:
- the international standards of the sector;
- the legislative framework relating to the protection of networks, information systems and computer systems in the multi-level system;
- the study of criminal conduct committed online or by using IT and telematic tools, and personal data protection;
- institutions responsible for protecting cybersecurity at national and European level.
(reference books)
A. Contaldo, F. Peluso, Cybersecurity. La nuova disciplina italiana ed europea alla luce della direttiva NIS, Pacini, 2018;
A. Marengo, A. Pagano (eds.), Informatica di base. Con aggiornamento online, McGraw-Hill Education, 2016.
Dates of beginning and end of teaching activities: From to
Delivery mode: Traditional
Attendance: Mandatory
Evaluation methods: Written test